cvedb.io
CVE-2016-4913
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2016-05-23T10:59:14.723 · Last modified 2026-06-17T00:48:26.550

Summary

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

Affected products

canonical — ubuntu_linux

Does this affect you?

Add your gear to cvedb and we'll alert you only when canonical ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.